package cz.integsoft.mule.ipm.internal.http.operation;

import cz.integsoft.mule.ipm.api.exception.ProcessingException;
import cz.integsoft.mule.ipm.api.http.ProxyHttpResponseAttributes;
import cz.integsoft.mule.ipm.api.http.authentication.BasicAuthentication;
import cz.integsoft.mule.ipm.api.http.authentication.DigestAuthentication;
import cz.integsoft.mule.ipm.api.http.authentication.HttpRequestAuthentication;
import cz.integsoft.mule.ipm.api.http.authentication.NtlmAuthentication;
import cz.integsoft.mule.ipm.api.http.proxy.ViaHttpProxyConfig;
import cz.integsoft.mule.ipm.api.tcp.TcpClientSocketProperties;
import cz.integsoft.mule.ipm.internal.http.HttpDeleteWithBody;
import cz.integsoft.mule.ipm.internal.http.ShareableHttpClient;
import cz.integsoft.mule.ipm.internal.http.config.HttpProxyConfig;
import cz.integsoft.mule.ipm.internal.http.parameter.ExclusiveHttpHeaders;
import cz.integsoft.mule.ipm.internal.http.parameter.HttpRequestParameter;
import cz.integsoft.mule.ipm.internal.http.parameter.KeyStoreMappingHolder;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.Charset;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.Spliterators;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import java.util.stream.StreamSupport;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScheme;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.config.SocketConfig;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.InputStreamEntity;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.auth.DigestScheme;
import org.apache.http.impl.auth.NTLMScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicHeader;
import org.apache.http.protocol.HttpContext;
import org.apache.http.ssl.PrivateKeyDetails;
import org.apache.http.ssl.PrivateKeyStrategy;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.TrustStrategy;
import org.mule.extension.http.api.HttpRequestAttributes;
import org.mule.runtime.api.metadata.MediaType;
import org.mule.runtime.api.util.MultiMap;
import org.mule.runtime.extension.api.runtime.operation.Result;
import org.mule.runtime.extension.api.runtime.process.CompletionCallback;
import org.mule.runtime.http.api.HttpConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cz/integsoft/mule/ipm/internal/http/operation/HttpProxyOperationDelegate.class */
public class HttpProxyOperationDelegate {
    private static final Charset aC = Charset.defaultCharset();
    private static final Logger LOGGER = LoggerFactory.getLogger(HttpProxyOperationDelegate.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperationDelegate$4, reason: invalid class name */
    /* loaded from: input_file:cz/integsoft/mule/ipm/internal/http/operation/HttpProxyOperationDelegate$4.class */
    public static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] aG = new int[HttpConstants.Method.values().length];

        static {
            try {
                aG[HttpConstants.Method.POST.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                aG[HttpConstants.Method.GET.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                aG[HttpConstants.Method.PUT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                aG[HttpConstants.Method.DELETE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(InputStream inputStream, ExclusiveHttpHeaders exclusiveHttpHeaders, HttpRequestParameter httpRequestParameter, HttpRequestAttributes httpRequestAttributes, ShareableHttpClient shareableHttpClient, URI uri, ViaHttpProxyConfig viaHttpProxyConfig, HttpProxyConfig httpProxyConfig, CompletionCallback<InputStream, ProxyHttpResponseAttributes> completionCallback) throws ClientProtocolException, IOException {
        String method = StringUtils.isBlank(httpRequestParameter.getMethod()) ? httpRequestAttributes.getMethod() : httpRequestParameter.getMethod();
        URIBuilder uRIBuilder = new URIBuilder(uri);
        httpRequestParameter.P().entrySet().forEach(entry -> {
            LOGGER.debug("Adding query parameter {}:{}", entry.getKey(), entry.getValue());
            uRIBuilder.setParameter((String) entry.getKey(), (String) entry.getValue());
        });
        try {
            URI build = uRIBuilder.build();
            HttpRequestBase a = a(HttpConstants.Method.valueOf(method), build, httpRequestAttributes, inputStream);
            exclusiveHttpHeaders.N().forEach(httpHeader -> {
                if (StringUtils.isNotBlank(httpHeader.getValue()) && a.getFirstHeader(httpHeader.getKey()) == null) {
                    LOGGER.debug("Adding request header {}:{}", httpHeader.getKey(), httpHeader.getValue());
                    a.setHeader(new BasicHeader(httpHeader.getKey(), httpHeader.getValue()));
                }
            });
            exclusiveHttpHeaders.O().entrySet().forEach(entry2 -> {
                if (StringUtils.isNotBlank((CharSequence) entry2.getValue()) && a.getFirstHeader((String) entry2.getKey()) == null) {
                    LOGGER.debug("Adding dynamic request header {}:{}", entry2.getKey(), entry2.getValue());
                    a.setHeader(new BasicHeader((String) entry2.getKey(), (String) entry2.getValue()));
                }
            });
            boolean a2 = a(build, viaHttpProxyConfig);
            HttpClientContext create = HttpClientContext.create();
            BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
            if (a2 && StringUtils.isNotBlank(viaHttpProxyConfig.getUsername())) {
                HttpHost httpHost = new HttpHost(viaHttpProxyConfig.getHost(), viaHttpProxyConfig.getPort());
                if (viaHttpProxyConfig instanceof ViaHttpProxyConfig.HttpNtlmProxyConfig) {
                    ViaHttpProxyConfig.HttpNtlmProxyConfig httpNtlmProxyConfig = (ViaHttpProxyConfig.HttpNtlmProxyConfig) viaHttpProxyConfig;
                    basicCredentialsProvider.setCredentials(new AuthScope(httpHost), new NTCredentials(httpNtlmProxyConfig.getUsername(), httpNtlmProxyConfig.getPassword(), null, httpNtlmProxyConfig.getNtlmDomain()));
                } else {
                    basicCredentialsProvider.setCredentials(new AuthScope(httpHost), new UsernamePasswordCredentials(viaHttpProxyConfig.getUsername(), viaHttpProxyConfig.getPassword()));
                }
            }
            HttpRequestAuthentication K = httpProxyConfig.K();
            if (K != null) {
                HttpHost httpHost2 = new HttpHost(build.getHost(), build.getPort(), build.getScheme());
                basicCredentialsProvider.setCredentials(new AuthScope(httpHost2), a(K));
                BasicAuthCache basicAuthCache = new BasicAuthCache();
                if (K.isPreemptive()) {
                    AuthScheme b = b(K);
                    LOGGER.debug("Auth preemptively with scheme {} to target {}", b, httpHost2);
                    basicAuthCache.put(httpHost2, b);
                }
                create.setAuthCache(basicAuthCache);
            }
            create.setCredentialsProvider(basicCredentialsProvider);
            RequestConfig.Builder custom = RequestConfig.custom();
            custom.setConnectTimeout(httpProxyConfig.E().o().intValue());
            if (a2) {
                custom.setProxy(new HttpHost(viaHttpProxyConfig.getHost(), viaHttpProxyConfig.getPort()));
            }
            create.setRequestConfig(custom.build());
            LOGGER.debug("HTTP sending: {} : {}", a.getRequestLine(), inputStream);
            try {
                CloseableHttpResponse a3 = shareableHttpClient.a((HttpUriRequest) a, (HttpContext) create);
                if (LOGGER.isDebugEnabled()) {
                    LOGGER.debug("HTTP response status: {}", a3.getStatusLine());
                }
                MultiMap multiMap = new MultiMap();
                Arrays.asList(a3.getAllHeaders()).forEach(header -> {
                    multiMap.put(header.getName(), header.getValue());
                    LOGGER.debug("Adding header {}", header);
                });
                ProxyHttpResponseAttributes proxyHttpResponseAttributes = new ProxyHttpResponseAttributes(a3.getStatusLine().getStatusCode(), a3.getStatusLine().getReasonPhrase(), multiMap);
                HttpEntity entity = a3.getEntity();
                Header firstHeader = a3.getFirstHeader("Content-Type");
                if (entity != null) {
                    LOGGER.debug("Entity: {} Is response streaming? {} Is response chunked? {} Is response repeatable? {}", new Object[]{entity, Boolean.valueOf(entity.isStreaming()), Boolean.valueOf(entity.isChunked()), Boolean.valueOf(entity.isRepeatable())});
                    completionCallback.success(Result.builder().output(entity.getContent()).attributes(proxyHttpResponseAttributes).mediaType(firstHeader == null ? MediaType.ANY : MediaType.parse(firstHeader.getValue())).build());
                } else {
                    LOGGER.debug("Entity is null");
                    completionCallback.success(Result.builder().attributes(proxyHttpResponseAttributes).mediaType(firstHeader == null ? MediaType.ANY : MediaType.parse(firstHeader.getValue())).build());
                }
                if (a3 != null) {
                    LOGGER.debug("Not closing http response object");
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    LOGGER.debug("Not closing http response object");
                }
                throw th;
            }
        } catch (URISyntaxException e) {
            throw new ProcessingException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public URI a(HttpRequestParameter httpRequestParameter, HttpRequestAttributes httpRequestAttributes) throws URISyntaxException {
        URIBuilder uRIBuilder = new URIBuilder(httpRequestParameter.getAddress());
        MultiMap queryParams = httpRequestAttributes.getQueryParams();
        if (queryParams != null && !queryParams.isEmpty()) {
            queryParams.forEach((str, str2) -> {
                uRIBuilder.addParameter(str, str2);
            });
        }
        return uRIBuilder.build();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CloseableHttpClient a(HttpProxyConfig httpProxyConfig, HttpRequestParameter httpRequestParameter, URI uri, String str, ViaHttpProxyConfig viaHttpProxyConfig) throws KeyManagementException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
        RegistryBuilder create = RegistryBuilder.create();
        create.register("http", PlainConnectionSocketFactory.getSocketFactory());
        final KeyStoreMappingHolder b = b(str, httpProxyConfig);
        LOGGER.debug("Found client keystore {} for request path: {}", b, str);
        SSLContextBuilder create2 = SSLContextBuilder.create();
        if (a(uri)) {
            if (httpProxyConfig.I()) {
                LOGGER.debug("Setting trust to all certificates");
                create2.loadTrustMaterial(new TrustStrategy() { // from class: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperationDelegate.1
                    public boolean isTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                        return true;
                    }
                });
            } else if (httpProxyConfig.x() != null) {
                LOGGER.debug("Adding trust store to SSL context.");
                create2.loadTrustMaterial(httpProxyConfig.x().R(), (TrustStrategy) null);
            }
        }
        if (b != null) {
            LOGGER.debug("Adding client certificate to SSL context.");
            if (LOGGER.isDebugEnabled()) {
                final Enumeration<String> aliases = b.R().aliases();
                LOGGER.debug("Available keystore aliases: {}", StreamSupport.stream(Spliterators.spliteratorUnknownSize(new Iterator<String>() { // from class: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperationDelegate.2
                    @Override // java.util.Iterator
                    /* renamed from: M, reason: merged with bridge method [inline-methods] */
                    public String next() {
                        return (String) aliases.nextElement();
                    }

                    @Override // java.util.Iterator
                    public boolean hasNext() {
                        return aliases.hasMoreElements();
                    }
                }, 16), false).collect(Collectors.joining(",")));
            }
            create2.loadKeyMaterial(b.R(), b.V(), new PrivateKeyStrategy() { // from class: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperationDelegate.3
                public String chooseAlias(Map<String, PrivateKeyDetails> map, Socket socket) {
                    if (map == null || !map.containsKey(b.c())) {
                        throw new IllegalArgumentException(MessageFormat.format("Could not find any suitable alias in the client store ''{0}'' for name ''{1}''", b.T().getFileName().toString(), b.c()));
                    }
                    return b.c();
                }
            });
        }
        SSLConnectionSocketFactory sSLConnectionSocketFactory = new SSLConnectionSocketFactory(create2.build(), new String[]{httpProxyConfig.H()}, (String[]) null, httpProxyConfig.I() ? NoopHostnameVerifier.INSTANCE : SSLConnectionSocketFactory.getDefaultHostnameVerifier());
        create.register("https", sSLConnectionSocketFactory);
        HttpClientBuilder sSLSocketFactory = HttpClients.custom().setSSLSocketFactory(sSLConnectionSocketFactory);
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(create.build());
        SocketConfig a = a(httpProxyConfig);
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Using default socket config: {}", a.toString());
        }
        poolingHttpClientConnectionManager.setDefaultSocketConfig(a);
        poolingHttpClientConnectionManager.setMaxTotal(httpProxyConfig.A().intValue());
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(httpProxyConfig.B().intValue());
        sSLSocketFactory.setConnectionManager(poolingHttpClientConnectionManager);
        sSLSocketFactory.setConnectionManagerShared(false);
        if (httpProxyConfig.D() != null) {
            sSLSocketFactory.setConnectionTimeToLive(httpProxyConfig.D().intValue(), TimeUnit.MILLISECONDS);
        }
        sSLSocketFactory.evictIdleConnections(httpProxyConfig.C().intValue(), TimeUnit.MILLISECONDS);
        if (!httpProxyConfig.F()) {
            sSLSocketFactory.disableCookieManagement();
        }
        if (!httpProxyConfig.G()) {
            sSLSocketFactory.disableRedirectHandling();
        }
        return sSLSocketFactory.build();
    }

    private boolean a(URI uri) {
        return "https".equalsIgnoreCase(uri.getScheme());
    }

    HttpRequestBase a(HttpConstants.Method method, URI uri, HttpRequestAttributes httpRequestAttributes, InputStream inputStream) throws IOException {
        switch (AnonymousClass4.aG[method.ordinal()]) {
            case 1:
                HttpPost httpPost = new HttpPost(uri);
                httpPost.setEntity(new InputStreamEntity(inputStream, a(httpRequestAttributes)));
                return httpPost;
            case 2:
                return new HttpGet(uri);
            case 3:
                HttpPut httpPut = new HttpPut(uri);
                httpPut.setEntity(new InputStreamEntity(inputStream, a(httpRequestAttributes)));
                return httpPut;
            case 4:
                HttpDeleteWithBody httpDeleteWithBody = new HttpDeleteWithBody(uri);
                httpDeleteWithBody.setEntity(new InputStreamEntity(inputStream, a(httpRequestAttributes)));
                return httpDeleteWithBody;
            default:
                throw new IllegalArgumentException(MessageFormat.format("Unsupported HTTP method! [%s]", method));
        }
    }

    private ContentType a(HttpRequestAttributes httpRequestAttributes) {
        String str = (String) httpRequestAttributes.getHeaders().get("Content-Type");
        return str == null ? ContentType.create(ContentType.TEXT_PLAIN.getMimeType(), aC) : ContentType.parse(str);
    }

    private SocketConfig a(HttpProxyConfig httpProxyConfig) {
        TcpClientSocketProperties E = httpProxyConfig.E();
        SocketConfig.Builder custom = SocketConfig.custom();
        if (E.i() != null) {
            custom.setSoTimeout(E.i().intValue());
        }
        if (E.l() != null) {
            custom.setSoLinger(E.l().intValue());
        }
        if (E.h() != null) {
            custom.setRcvBufSize(E.h().intValue());
        }
        if (E.g() != null) {
            custom.setSndBufSize(E.g().intValue());
        }
        custom.setSoReuseAddress(E.j()).setSoKeepAlive(E.m()).setTcpNoDelay(E.k());
        return custom.build();
    }

    private Credentials a(HttpRequestAuthentication httpRequestAuthentication) {
        if (!(httpRequestAuthentication instanceof BasicAuthentication) && !(httpRequestAuthentication instanceof DigestAuthentication)) {
            if (!(httpRequestAuthentication instanceof NtlmAuthentication)) {
                throw new IllegalStateException("Could not determine security scheme! Only supported is BASIC, DIGEST and NTLM.");
            }
            NtlmAuthentication ntlmAuthentication = (NtlmAuthentication) httpRequestAuthentication;
            return new NTCredentials(ntlmAuthentication.getUsername(), ntlmAuthentication.getPassword(), ntlmAuthentication.getWorkstation(), ntlmAuthentication.getDomain());
        }
        return new UsernamePasswordCredentials(httpRequestAuthentication.getUsername(), httpRequestAuthentication.getPassword());
    }

    private AuthScheme b(HttpRequestAuthentication httpRequestAuthentication) {
        if (httpRequestAuthentication instanceof BasicAuthentication) {
            return new BasicScheme();
        }
        if (httpRequestAuthentication instanceof DigestAuthentication) {
            return new DigestScheme();
        }
        if (httpRequestAuthentication instanceof NtlmAuthentication) {
            return new NTLMScheme();
        }
        throw new IllegalStateException("Could not determine security scheme! Only supported is BASIC, DIGEST and NTLM.");
    }

    private KeyStoreMappingHolder b(String str, HttpProxyConfig httpProxyConfig) {
        return httpProxyConfig.y().stream().filter(keyStoreMappingHolder -> {
            return keyStoreMappingHolder.n(str);
        }).findFirst().orElse(null);
    }

    private boolean a(URI uri, ViaHttpProxyConfig viaHttpProxyConfig) {
        if (viaHttpProxyConfig == null) {
            return false;
        }
        if (!StringUtils.isNotBlank(viaHttpProxyConfig.getNonProxyHosts())) {
            return viaHttpProxyConfig != null && StringUtils.isNotBlank(viaHttpProxyConfig.getHost());
        }
        String host = uri.getHost();
        boolean anyMatch = ((Stream) Stream.of((Object[]) viaHttpProxyConfig.getNonProxyHosts().split(",")).parallel()).anyMatch(str -> {
            return str.equalsIgnoreCase(host);
        });
        if (anyMatch) {
            LOGGER.info("Excluding host {} from the call thru web proxy.", host);
        }
        return !anyMatch;
    }
}
